Re: [PATCH 2/4] leaking_addresses: simplify path skipping

From: Tycho Andersen
Date: Sun Feb 25 2018 - 20:26:53 EST

Next message: jiangyiwen: "Re: [V9fs-developer] [PATCH] fs/9p: don't set SB_NOATIME by default"
Previous message: AKASHI Takahiro: "Re: [PATCH 00/17] Add kexec_file_load support to s390"
Next in thread: Tobin C. Harding: "Re: [PATCH 2/4] leaking_addresses: simplify path skipping"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi Tobin,

On Mon, Feb 19, 2018 at 01:50:47PM +1100, Tobin C. Harding wrote:
> -# Do not parse these files under any subdirectory.
> -my @skip_parse_files_any = ('0',
> - '1',
> - '2',
> - 'pagemap',
> - 'events',
> - 'access',
> - 'registers',
> - 'snapshot_raw',
> - 'trace_pipe_raw',
> - 'ptmx',
> - 'trace_pipe');

It might be worth adding 'syscall' here; the pointers listed are user
pointers, and negative syscall args will show up like kernel pointers,
e.g. I get this output, which is spurious:

/proc/31808/syscall: 0 0x3 0x55b107a38180 0x2000 0xffffffffffffffb0 0x55b107a302d0 0x55b107a38180 0x7fffa313b8e8 0x7ff098560d11

Cheers,

Tycho

Next message: jiangyiwen: "Re: [V9fs-developer] [PATCH] fs/9p: don't set SB_NOATIME by default"
Previous message: AKASHI Takahiro: "Re: [PATCH 00/17] Add kexec_file_load support to s390"
Next in thread: Tobin C. Harding: "Re: [PATCH 2/4] leaking_addresses: simplify path skipping"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]